Identity Management Services provide these capabilities:
Authentication – Quickly verify user identities (Who you are).
Authorization – Control users access (What you can access).
Administration – Manage users and the policies for controlling user’s access privileges.
Identity Management Services include:
Person Registry – University’s identity system implemented for creation and maintenance of users’ electronic identities at the university and the resources they are permitted to access.
Single Sign-On (CAS) – A central authentication service (CAS) that enables a user to be prompted to log-in only once to access multiple web applications that are integrated with CAS.
Enterprise Directory Service (OpenLDAP) – University repository of users and attributes for use in authentication and providing directory information. Lightweight Directory Access Protocol (LDAP) is the application protocol for querying and modifying the directory services.
Password Repository (Kerberos) – University’s password store used at the University for NetID. When a user or application authenticates with the central authentication service (CAS), the password is validated against what is stored in the Kerberos password repository.
Authentication Token (SafeNet) – A physical device (i.e. hardware token) provided to users for use is authenticating to some University systems. This SafeNet devise (key fob) provides one-time dynamic passwords for system log in’s.
User Network Identifier (NetID) – An assigned University wide identifier required by online services to be entered along with password during log in to authenticate for access.
SafeNet (Two-Factor authentication) – An authentication service that leverages user tokens to provide a two-factor, one-time password for enhanced security protection of sensitive data systems. This service will be phased out, replaced by NetID+ (Duo).
NetID+ (Two-Factor Authentication- Duo) – NetID+ is a new two-factor authentication service implemented in 2016 for employees and guests. It provides additional security that enables university systems to verify user’s identities with greater certainty.
Rutgers Guest Request System – Rutgers Guest Request System is an enterprise self-service tool that enables the University Guests to submit their requests to obtain a digital identity (NetID and active guest role).